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1. Introduction 

At Scottish Enterprise, we are committed to doing business in compliance with all applicable 
laws. As a publicly accountable organisation, we must ensure that our business is 
conducted in accordance with the highest standards of corporate governance. 

One particular area of concern for Scottish Enterprise when doing business is Human 
Rights. The UN Guiding Principles on Business and Human Rights are based on a 
framework of state responsibility to protect human rights; business responsibility to respect 
human rights; and the requirement for remedy for negative human rights impacts. 

Based upon guidance from the Scottish Government this procedure sets out how Scottish 
Enterprise will undertake appropriate due diligence on companies specifically in relation to 
their human rights record, before entering a business relationship with them. This includes 
an assessment of whether an individual or company, including any parent or subsidiary, has 
been associated with human rights abuses anywhere in the world. 

This procedure is intended to enhance, not supersede, existing due diligence checks 
undertaken by Scottish Enterprise. By following the procedure’s steps, we obtain the 
information required to make informed decisions prior to entering into business relationships. 


2. What is Due Diligence ? 

Due diligence is about understanding who we are dealing with and why we are getting 
involved. It means the taking of reasonable steps to understand who our customer is (and 
particularly, who controls them), how their activities are funded and why our assistance is 
required. It also helps us to understand the possible risks that the relationship could pose to 
our business and what we need to do to manage those risks. 

It involves the detailed examination of a company and its financial or project delivery record 
being carried out before becoming involved in a business relationship with it. The 
information obtained in this process is used to decide whether we want to engage in a 
business relationship or even a one-off transaction. 

Scottish Enterprise requires a clear and consistent approach to customer due diligence as 
an essential element of our risk management. Failure in this area can lead to severe 
reputational, operational and financial consequences 


3. Who is our Customer / When does this procedure apply ? 

Our customer is anyone we are doing business with - whether on an ongoing basis or a 
one-off transaction. In this procedure when we use the word “customer” we mean both 
potential customers, i.e. those we are not yet in a business relationship with OR companies 
with whom SE has an existing or previous business relationship who have initiated a further 
approach to SE and which could lead to a new business relationship being formed. This 
procedure will not be applied retrospectively. 


4. Customer Due Diligence Procedure 


2 







SCOTTISH ENTERPRISE 
Customer Due Diligence Procedure 


CONFIDENTIAL 


For the purpose of this Procedure we define “business relationship” as any written 
relationship entered into between Scottish Enterprise and any company or a relationship 
where there is anticipated to be a substantive engagement of any format going forward. This 
will apply to all new and existing customers and partners which could result in SE providing 
new investment or funding by way of grants, loans, or equity. It also applies to SE entering 
into a commercial relationship with one or more third parties via e.g. a collaboration 
agreement, joint venture or memorandum of understanding (MoU) This latter area will 
require judgement based upon a risk-based approach. A business relationship does not 
need to include provision by SE of a particular product or financial assistance. Even where 
our assistance is limited to provision of account managed services (for example), the 
recipient of those services is classed as a customer and needs to meet our due diligence 
requirements prior to the start of our business relationship with them 

Exemptions: 

• Companies (UK and foreign owned firms) where t/o is not more that £10.2m, balance 
sheet total not more than £5.1m and average number of employees not more than 50. 
Please note requirement to consider thresholds per group status rather than single 
company status. 

• All companies where the expected investment from SE is less than £100K 

• UK Universities and other public sector organisations 

• Suppliers 

The nature and depth of due diligence to be undertaken 

There will be 3 levels' to the due diligence: 

• Level 1 - applicable to all companies (excluding exemptions) and where the anticipated 
investment is between £100K and £2m 

• Level 2 - applicable to all companies (excluding exemptions) and where the anticipated 
investment is between £2m and £5m 

• Level 3 - applicable to all companies and where the proposed investment relationships 
exceeds £5m from the public sector 

The initiation of the due diligence is the responsibility of the account manager or project 
owner assigned as project lead by the account team or the senior responsible owner. 
Examples of where there is a requirement for due diligence include: 

• At the point where the customer makes a specific enquiry, e.g. in relation to a possible 
new grant application or new equity investment. 

• For target account-managed businesses, this should take place before any discussion 
with the company regarding admission to Account Management. 

• For prospective inward investors, this should be undertaken as part of the transition from 
P20 to P50 as set out in the inward investment guidance. (For inward international trade 
missions, it may be that this will be the first point of contact with a prospective inward 
investor and therefore no prior due diligence is required. However, it may be the case 
that one or more of the party has reached an engagement threshold where it will be 
necessary to undertake due diligence). 

• For projects such as sector projects, where there is anticipated investment or a business 
relationship. 

• For projects such as infrastructure projects, where there is anticipated investment or a 
business relationship. 
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Once HR due diligence has been conducted and outcomes considered acceptable, that 
cover will have a lifetime of 3 years unless there has been an intervening breach. Where no 
such breach has come to SE’s attention, any further request for assistance during the 3 year 
period will not require any further due diligence. Where SE is aware that there has been a 
breach, this will be a factor to be considered in whether to progress discussions around the 
approach for further assistance. 

Level 1 

This comprises a series of binary questions: 

• Is the company or its ultimate owner registered in one of the “Human Rights Priority” 
countries as shown in the most recent Human Rights and Democracy reports ? YES/NO 

• Is the company or its ultimate owner listed on one of the following sites? Business and 
Human Rights Resource Centre YES/NO 

• Noraes Investment Bank Excluded Companies Report. YES/NO 

• Are any of the company’s directors or shareholders (>10% shareholding) listed on 
the World Bank List of Ineligible Firms and Individuals YES/NO 

• Are any of the company’s directors" or shareholders (>10% shareholding) flagged in 
Fame / Orbis as a Politically Exposed Person (PEP) on the LexisNexis World 
Compliance database ? YES/NO 

• Does an internet search for articles / sites / news about the company and its directors in 
relation to Human Rights indicate any recent (<5 years) incidents that indicate there 
might be a reputational risk associated with the company or its directors? YES/NO 

Where outcome of level 1 is NO for all questions then the engagement with the customer 
can continue. In the case where there is a YES to any of the questions the decision to 
proceed or stop needs to be made at the Grade 2 Director level within the business unit of 
the account manager or project owner. 

All level 1 checks will be undertaken by EFRS 

To request a level 1 check, please email the company name to HRDD@scotent.co.uk The 
EFRS will provide a report within three working days. 

Level 2 

This incorporates Level 1 assessment and is a more qualitative assessment that will require 
greater judgement. The level of scrutiny required to provide SE with a reasonable level of 
confidence that business relations with a potential customer would be acceptable varies 
depending on the exposure to risk presented by the customer’s circumstances and proposed 
transaction. As such, the level of our due diligence will vary depending on the risks which 
arise from each potential business relationship. As the customer is progressed through the 
due diligence process, the level of diligence to be conducted will be determined by our 
identification of, and response to, “red flags” (see further below). Similar to Level 1 
assessments, the decision to proceed or not requires to be made by the appropriate Grade 2 
Director. Advice can be obtained where required from the Head of Risk Management & 
Governance. The assessment will be summarised in the overall case or approval paper 
brought forward for approval, however, it is expected that normally the assessment will have 
been undertaken much earlier than around the point of approval. The assessment should 
include consideration of some or all of the following sources: 

• To assess the corruption risk rating of countries involved in the customer’s business, see 
the Transparency International Corruption Perceptions Index at: 
http://www.transparency.org/research/cpi/overview To assess whether the industry 
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within which operations are conducted is perceived as being high risk in terms of 
corruption exposure see the Transparency International Bribe Payers Index at: 
http://www.transparency.org/research/bpi/overview 

• To determine whether a country has a good political and human rights record, see the 
following link: https://freedomhouse.ora/report-tvpes/freedom-world 

• For guidance on conducting due diligence on supply chains for modern slavery 
purposes, the Chartered Institute of Procurement and Supply (CIPS) has produced the 
guidance found at the following link: 

https://www.cips.org/Documents/Knowledae/Procurement-Topics-and-Skills/4- 

Sustainability-CSR-Ethics/Sustainable-and-Ethical-Procurement/Modern-Dav- 

Slaverv.pdf . 

• The UK Home Office has also produced guidance on assessment of supply chains for 
Modern Slavery purposes, found at the following link: https://www.aooale.co.uk/url? 
sa=t&rct=j&q=&esrc=s&frm=l&source=web&cd=l&cad=rja&uact=8&ved=0CB4QFjAAah 

UKEwjjobPvqYPJAhVDVxOKHOf4Bko&url=https%3A%2F%2Fwww.aov.uk 

%2Faovernment%2Fpublications%2Ftransparencv-in-supplv-chains-a-practical- 

auide&usa=AFOjCNGRD8piHlpvPcuDteoSvksZU-EcNA . 

• To assess whether the customer’s business sector is high risk for modern slavery 
purposes, see the following link which contains OECD guidelines which are divided by 
sector (currently (i) agricultural, (ii) extractive minerals, (iii) manufacturing, (iv) textile or 
garment industries) and which set out far-reaching recommendations to multinational 
enterprises dealing in these sectors: http://mneauidelines.oecd.org/ . 

Additionally, consideration should be given to the following where insights can be obtained : 

• Governance and Internal Control systems of the potential investor - does the 
organisation have policies or mechanisms in place that address its human rights 
obligations, e.g. through equalities or corporate social responsibility committees or 
programmes? Have steps been taken to improve its record and/or provide redress for 
any prior human rights issues? 

• Downstream Delivery - is there evidence that the organisation carries out its own due 
diligence checking on its partners, joint ventures, subsidiaries etc.? How does it monitor, 
evaluate and control the risk of existing projects? Is there a record of any human rights 
concerns of any subsidiary or partner organisation? 


Level 2 assessments will be undertaken by the project owner. If required the EFRS can 
provide a company profile showing group structure and ownership to help with assessment. 
Email HRDD@scotent.co.uk to request a company profile. 


Level 3 

This is a bespoke assessment and will be commissioned by the project manager and 
generally be undertaken by a third party requiring full participation by the company. Similar to 
Level 1 and Level 2 assessments, the decision to proceed or not requires to be made by the 
appropriate Grade 2 Director. Again, the assessment will be summarised in the overall case 
or approval paper brought forward for approval. 
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Examples of Red Flags (not exhaustive list) 


• A company or individual who owns or controls it is identified as having committed a 
violation of Human Rights 

• The company operates in a country subject to sanctions. 

• The company deals with foreign national’s subject to trade sanctions. 

• The company operates in a conflict-affected area. 

• The company operates in an area known for corruption or terrorist sympathies 

• The company’s supply chains are not transparent 

• The customer’s business relates to (sources from or deals with) the extractive, 
minerals, agricultural, manufacturing, textile or garment industries (higher risk when 
dealing with these industries coupled with an international element - i.e. sourcing 
labour from abroad, purchasing supplies from factory/supplier abroad). 

• The customer’s business involves dealing with foreign officials or third parties in a 
country with a low score on the corruption perceptions index (i.e. a high-risk country for 
corruption purposes). 
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i Where the business relationship is not one involving financial outlay by SE or where it may but it is too remote to 
anticipate any specific value, the due diligence levels are not directly applicable. In such cases, however, it will be for 
the project lead to decide which level or levels of due diligence are appropriate to meet the particular circumstances. 

ii “directors” means those individuals who are formally board members as opposed to those who may simply have 
“director” in their job title. 



